Vulnerability Research & HTM Analysis Center

CyberMDX’s Vulnerability Research and HTM Analysis team regularly works with medical device organizations in the responsible disclosure of security vulnerabilities. The threat intelligence team works tirelessly to help protect hospitals and healthcare organizations from malicious attacks.

The team’s researchers, white hat hackers, and engineers collect information about possible attack paths to understand attacker motives, means, and methods in an effort to deliver the best protection possible.

CyberMDX discovered a bundle of six vulnerabilities affecting a range of GE Health products. If exploited, these vulnerabilities could result in remote device access & control, as well as file write & upload...

CyberMDX discovered that GE Aestiva devices and certain models of the GE Aespire anesthesia machine may be subject to unauthorized network communications and commands resulting from a protocol reversion vulnerability. Among other things, this vulnerability can be exploited to alter gas composition inputs...

The CyberMDX Research team discovered that the BD AlarisTM Gateway Workstation's firmwareis vulnerable to malicious exploitation whereby an upgrade can be executed without any predicate permissions and allow bad actors a route to "authenticate" malicious content...

The CyberMDX Research team discovered that the BD AlarisTM Gateway Workstation's web management system is vulnerable to malicious exploitation. Due to a lack of password protection, anyone knowing the IP address of a targeted workstation could...

The CyberMDX Research team discovered that if a malicious attacker can gain access to a hospital’s network and if the AlarisTM TIVA syringe pump is connected to a terminal server, the attacker can perform hacks without any prior knowledge of IP addresses or the pump's location...